Category Archives: Security

SoakSoak Malware affects 100,000+ WordPress sites

Sucuri recently reported that hundreds of thousands of WordPress sites have been infected with a new strain of malware, which injects malicious JavaScript into every page of affected sites. According to their analysis, the “SoakSoak” malware uses a known vulnerability in … Continue reading

Posted in General, Security | Leave a comment

Serious Vulnerability in bash

A serious vulnerability has been found in bash, one of the core tools found on almost every Unix, Linux, and Mac OS X system. The vulnerability affects most versions up to and including 4.3, except certain patched versions like 3.2.52(1). You should assume … Continue reading

Posted in General, Security | Leave a comment

Custom Contact Forms Plugin Vulnerability

The web security team at Sucuri recently discovered a vulnerability in the Custom Contact Forms plugin. If the Custom Contact Forms plugin is installed on your self-hosted WordPress site, your site’s security may be at risk, and you should upgrade to the latest version … Continue reading

Posted in General, Security | Leave a comment

Fix for the MailPoet Plugin AKA wysija-newsletters

A vulnerability was found in the MailPoet Newsletters WordPress plugin ( known as wysija-newsletters at the plugin repository ). All versions below 2.6.7 of the plugin are vulnerable. We’ve deployed a hot fix to VaultPress sites running the MailPoet … Continue reading

Posted in General, Security | Tagged | Leave a comment

Fix for TimThumb vulnerability

A serious vulnerability was recently discovered in the popular TimThumb script. TimThumb is a tool that is used to manipulate images, and is used by many themes and plugins. This vulnerability may allow users to execute certain malicious commands on affected servers. If you subscribe to … Continue reading

Posted in Security | Leave a comment